Something interesting came up on Team Starfire. A Non Seti member had a problem with "setiathome_4.18_windows_intelx86.exe" running in the background and couldn't get rid of it. After doing a lot of searching we found that it was hidden in his system32 folder and the exe was renamed to "wupdmgr1.exe" Someone went to a lot of trouble to hide everything. We found out the user that is getting the credits and his stats are very interesting. http://setiathome.berkeley.edu/team_display.php?teamid=122736 A one user team and ranked 10th in the world. What do you think?

Yup see it now thanks but he/she has compys hidden
so who knows how many they have would be an idea if
someone could find this out
something doesn't add up to me i did read the Team Starfire thread
very interesting.G'day from.....

He didn't download it at all. It installed without his permission under a different name, made to look like it's the Windows Update service.

Did he get an email from "Microsoft" with a link to "Windows Update"?
If so, he probably got a virus. Microsoft doesn't send out emails like that. A friend of mine followed such a link and had to reformat his entire drive to get rid of the virus.

The subject of Virii always elicits a very emotional and often panic reaction.

Before taking this discussion further, It is very important to note that BOINC itself hasn't any virus characterics, but, like any program, it can be the payload carried by a true virus or other exploit.

The subject of Virii always elicits a very emotional and often panic reaction.

Before taking this discussion further, It is very important to note that BOINC itself hasn't any virus characterics, but, like any program, it can be the payload carried by a true virus or other exploit.

Seen the same thing happening with FaH.
Some people find it usefull to make programs like FaH or SETI part of selfextracting/installing archives distributed via p2p networks.
So it is most like it was just a simple p2p-download (which the 'victim' most likely will not admit too) that installed SETI.

If the Berkeley staff are not already all over this one, they should be, before the press is. Computer ID's in that account might allow them to find the IP addresses being used, and maybe track back to some of the system owners. And at least tell us how many different systems are being used and are "infected" this way. It would take at least 100 and maybe 300 systems or more to generate that kind of average credit.